A key purpose of the @RISK is to provide the data that will ensure that the 20 Critical Controls (the US and UK benchmark for effective protection of networked systems) continue to be the most effective defenses for all known attack vectors. But since it is also valuable for security practitioners, SANS is making it available to the 145,000 security practitioners who have completed SANS security training and others at their organizations who hope to stay current with the offensive methods in use.

This talk will explain how to better protect your organization by differentiating between types of insider threats. Learn how to detect and respond appropriately to both accidental and intentional insider threats, right in the ObserveIT platform. You'll learn how to decrease your risk of data exfiltration while building a stronger workplace culture around security. Register: http://www.sans.org/info/209865

3) Learn about common SOC blind spots that adversaries exploit, and how to measure the visibility of your existing SIEM apparatus using free, open source tools. Register: http://www.sans.org/info/209880

============================================================

NOTABLE RECENT SECURITY ISSUES

SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP

Title: WindTail APT able to bypass traditional antivirus protections

Description: Malware from the WindTail APT is able to bypass some traditional antivirus protections, such as Apple's default Gatekeeper settings on Mac. Rather than deliver specific malware, WindTail generally tries to track its victims, including their location, online habits and other traits.

Description: A new cryptocurrency miner known as L0rdix has surfaced on the darknet. It's available on some forums for as little as $60, and attackers are deploying it to mine cryptocurrency on victims' machines, as well as steal personal data. L0rdix is specifically designed to target Windows machines.

Description: A critical vulnerability exists in Adobe Flash Player 31.0.0.153 and earlier versions. Successful exploitation could potentially allow an attacker to take control of the affected system. Adobe is aware of reports that an exploit for CVE-2018-15982 exists in the wild.

CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

ID: CVE-2018-10933

Title: libssh Authentication Bypass Vulnerability

Vendor: libssh

Description: A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

Description: Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when using results with no namespace while, at the same time, their upper action(s) have no namespace or a wildcard namespace. The same possibility exists when using a url tag that doesn't have value and action set while, at the same time, its upper action(s) have no namespace or a wildcard namespace.

Description: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.